Poclain PSIRT

Vulnerability declaration and security incident response.

At Poclain, product security is a shared responsibility with the community that uses, integrates and researches our technology.

Poclain designs products that include digital components (firmware, ECUs, communication interfaces, associated services). Despite the care taken during development, vulnerabilities may exist or emerge over time.
If you are a security researcher, customer, system integrator or partner and have identified a potential vulnerability affecting one of our products or services, we invite you to let us know. Your contribution helps us protect the users of our solutions and continuously improve the resilience of our products.

How to reach us

product.security@poclain.com

Suggested subject: Vulnerability Report – [Product / Component]

To support our analysis, please include where possible: the affected product and version, a description of the vulnerability, reproduction steps, estimated impact, and any supporting material (logs, captures, proof of concept). Anonymous reports are accepted.

Our commitment

Acknowledge your report within 48 hours
Keep you informed of major investigation milestones
Coordinate the publication of a security advisory with you
Refrain from any legal action against good-faith security researchers

Learn more

Our full approach — scope, accepted vulnerability types, handling timeline, obligations under the EU Cyber Resilience Act (CRA), and recognition of contributors — is described in our Coordinated Vulnerability Disclosure Policy.

👉 Coordinated Vulnerability Disclosure Policy – P06-GRP-P840